Privacy policy

1. Personal Information Protection

1.1. Galaxis-Great’s Basic Information Security Policy

Personal Information Protection (hereinafter referred to as “Information Security”) is the basic information security policy formulated by Galaxis-Great to fulfill corporate social responsibilities and ensure information security to the greatest extent.

Galaxis-Great respects website visitors’ privacy and protects personal information through the following measures.

1) Galaxis-Great will inform the purpose of information use and the contact person for consultation. Only the personal information required for the purpose of use is needed. Galaxis-Great will use personal information to the extent approved by the information owner. Galaxis-Great will not provide or disclose personal information to any third party without the consent of the information owner.

2) Galaxis-Great complies with relevant laws, regulations, norms and contracts regarding personal privacy protection, and manages personal information safely and appropriately. It will also take appropriate protective measures to prevent the illegal use of personal information and the occurrence of loss, destruction, falsification, and leakage.

3) Please contact us if you need to view, modify, update or delete your personal information. Galaxis-Great will respond to your request in a timely and reasonable manner.

4) Galaxis-Great will continuously improve and strengthen the protection of personal information according to your needs. Galaxis-Great will also continue to improve and implement protective measures for personal information.

1.1.1. Purpose of Personal Information Collection

Galaxis-Great will collect personal information to make users more satisfied, and provide customized products, information and services according to customer needs, thereby further improving customer satisfaction.

Your personal information (including name, email address, company name, company address and company phone number) may be collected for the following specific purposes:

1) Hold various academic seminars, exchanges and product promotions.

2) Conduct online opinion polls.

3) Request an instruction manual or online information.

4) Confirm the identity of visitors who make quotations and inquiries.

5) To provide users with better products and services, Galaxis-Great carries out various exchange programs with customers.

6) When personal information is collected for purposes other than those above, Galaxis-Great will clearly communicate the purpose of use.

1.1.2. Use and Provision of Personal Information

Galaxis-Great will use personal information within the following limits and ask you to confirm such information:

1) In principle, Galaxis-Great will not collect your personal information without informing you of the content and purpose of the service (or without your consent).

2) Galaxis-Great may use your personal information and communicate with you in some way (such as email, letter, fax and telephone). However, the user may at any time contact Galaxis-Great and refuse the following services:

• To provide you with new release, technical information and various services.

• Mail you instructions, magazines and other materials.

• Invite you to trade fairs, academic exchanges, promotions, online opinion polls and other events.

• Confirm personal information provided by you when purchasing or applying for services or providing service navigation.

3) Galaxis-Great will respond to your request for viewing, confirming, modifying, updating or deleting personal information in a timely and reasonable manner. Please contact us.

1.1.3. Disclosure to Third Parties

Galaxis-Great will not disclose customers’ personal information to third parties except in the following cases:

1) Obtain prior consent of the customer.

2) To the extent appropriate, provide personal information of customers to contracted third parties (partners who have signed confidentiality agreements with Galaxis-Great) in order to provide services and information to customers.

3) Subsidiaries and sales agents have made reasonable requests to collect personal information to respond to customers or provide follow-up services to customers.

4) Provide customer’s personal information in accordance with laws and regulations.

1.1.4. Appropriate Management of Personal Information

Galaxis-Great will properly manage and protect personal information through following measures:

1) Galaxis-Great takes strict security protection measures to prevent incidents including information loss, misuse or confusion.

2) Galaxis-Great stores the collected personal information in a secure environment protected by a firewall which is inaccessible without authorization.

1.1.5. Use of Cookies

Galaxis-Great occasionally uses cookies to make it easier for you to access the website and to improve services and information. Cookies can be used to verify identity for future visits. Cookies do not invade your personal privacy. You can also set your web browser to send notifications before new cookies are generated, or to refuse the use of all cookies.

You may refuse to provide any personal information to Galaxis-Great or refuse the use of cookies in your browser, but this may prevent you from accessing or using some of the features and services of the website.

2. Basic Information Security Policy

This policy aims to effectively protect the information assets held by the Company and its subsidiaries (hereinafter referred to as the “Group”), and develops the basic matters related to information security at the highest level.

The information security regulations will specify the details of each information security management measure below.

1) Information security management system

To smoothly safeguard information security, we set up an organization to promote information security management, and determine and carry out company-wide information security promotion.

2) Management of information assets

Organize and classify information assets that should be protected, recognize the importance of assets, and manage them appropriately according to the recorded form of information assets.

3) Information system management

To effectively, correctly and safely use the information processing equipment involving information assets, the following countermeasures should be taken for all information systems involving information assets.

• Network management

• System management

• Data management

• Vulnerability management

• Change management

• Log management

4) Physical environment management

To prevent unauthorized physical access, damage, and interference in all areas involving the Group’s information assets, necessary management requirements, such as physical defense, crime prevention, disaster prevention, and access management, should be made to implement safety management.

5) Human resource management

During the period from before employment to cessation of employment, directors, employees, dispatched employees and all others who use the Company’s information assets shall effectively understand the rules of use and management, recognize and conduct business based on the responsibility of using information security, and comply or promise to comply with this policy and regulations on information security and information assets, the use of information systems, education and inspiration. They also shall establish management measures and take precautions to avoid man-made information security incidents.

6) Outsourcing management

In case of entrusting business involving information assets to an external company, a confidentiality contract should be executed to clarify the scope of responsibility of the external trustee and implement management, thus effectively protecting information assets.

7) Compliance management

Measures related to the use and management of information assets and information security management shall strictly comply with the laws and regulations of each country in accordance with this policy, information security regulations, and rules established for each country and region, so as to avoid violation of legal provisions related to information security, obligations under contracts, and all requirements for security.

8) Emergency management

To manage information security emergencies (including all communications related to security phenomena, such as information leakage due to virus infection), consistent and effective measures should be implemented to build contingency response plans and mechanisms.

9) Sustainability management of the business

In the event of a major information system failure, business activities should be suspended to protect important business processes regardless of whether there is a risk, and then business activities and important business processes should be restarted at the appropriate time, while a system for business sustainability planning, training, and reporting should be built.

10) Assessment and supervision

Assess the implementation and effectiveness of the promoted information security measures, and conduct regular assessments or inspections to maintain and improve information security management.